in what other tech stack is it a good idea to have all your eggs in one basket?

that's why it's baffling. The convenience is outweighed by the possible loss.

What is the alternative strategy? I think for most people before password managers the strategy would be "have one egg".

What percentage of the population even thinks about "tech stacks"? That's the group of people who probably already is using something else. Everyone else is still catching up to not having a password that's just "password1234"

People get their credential compromised via shared passwords way more than compromises of Lastpass or Chrome or 1Password. Sure, it's a bigger risk if your manager is compromised, but for most people it's as much "eggs in one basket" as people only having one bank account which is probably true of nearly everyone.

> password that's just "password1234"

it's even worse than that. The world's most common password is... password.

I'm not sure about that. According to The Plague, the four most common passwords were God, love, sex and secret.

Wiki says that some companies agree[1] that "123456" and "qwerty" are the most popular. "password" seems to generally be in the top 10.

What's interesting on these lists is the presence of Dragon and Monkey - am I mistaken or is it due to CJK users entering a Chinese character that got translated somehow? Wouldn't that mean some of the most popular passwords out there are single unicode characters? Surely not...

[1] https://en.wikipedia.org/wiki/List_of_the_most_common_passwo...

There are lots of enterprise tech stacks where you have a single (or single-as-possible) centralized secret store… it’s far from uncommon, I.e., Hashicorp Vault, AWS Secrets Manager, Google Cloud KMS.

The alternative is spreading your eggs all over the farm, with no way to keep track of where they all are. Many will be put somewhere, then forgotten about.

Do you really think that’s safer?